On May 4, 2015 8:35 PM, "Inamdar Sharif" <[email protected]> wrote: > > > > -----Original Message----- > From: Stephen Smalley [mailto:[email protected]] > Sent: Monday, May 04, 2015 6:15 PM > To: Inamdar Sharif; [email protected] > Subject: Re: system server accessing dex2oat > > On 05/04/2015 01:57 AM, Inamdar Sharif wrote: > > Hi Guys, > > > > I am facing the following avc denied > > > > avc: denied { execute } for pid=667 comm="android.ui" name="dex2oat" > > dev="sda22" ino=158 scontext=u:r:system_server:s0 > > tcontext=u:object_r:dex2oat_exec:s0 tclass=file > > > > > > > > But on AOSP this is a neverallow rule. > > > > https://android.googlesource.com/platform/external/sepolicy/+/361cdaff > > 3096fafc16bbe88b84d6f99f7944def7 > > > > > > > > I can see that the process is "android.ui" (process running when this > > avc occured) > > > > Is this a bug in Android or something in the code went wrong?? > > Are you running AOSP master? > > No , I am not using AOSP master. > [Sharif]I don't have this neverallow rule in my external/sepolicy. > But since this will be coming in later releases ,it makes sense not to add as this will be a part of CTS as well.
This makes it harder. You need to track down where this happening. If its in AOSP master then we can help fix it. If its something modified you're source tree we won't be as helpful. I'd recommend attempting to trace where this happening. > > Did you get logcat output for the failure beyond just the avc denial? > > [Sharif]I don't see any suspecting log in logcat beyond the avc. > This happens while booting Android L. > > The change that added the neverallow was: > https://android-review.googlesource.com/#/c/127510/ > > ----------------------------------------------------------------------------------- > This email message is for the sole use of the intended recipient(s) and may contain > confidential information. Any unauthorized review, use, disclosure or distribution > is prohibited. If you are not the intended recipient, please contact the sender by > reply email and destroy all copies of the original message. > ----------------------------------------------------------------------------------- > > _______________________________________________ > Seandroid-list mailing list > [email protected] > To unsubscribe, send email to [email protected]. > To get help, send an email containing "help" to [email protected].
_______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
